Ian Carroll

@iangcarroll@infosec.exchange
724 Followers
65 Following
2 Posts
Security/bug bounty at Robinhood; tweets my own. Application security, security research, etc.
Websitehttps://ian.sh
As a side node, we discovered a Vaudenay-style padding oracle against Google Hosted S/MIME. Concretely, Google’s SMTP server issued different error codes depending on whether it successfully decrypted an S/MIME mail or not. On average, this attack requires 128 query mails per byte to recover the plaintext an S/MIME mail. See Appendix A in the paper for the details.
In which Ian Carroll casually compromises a Turkish root CA trusted by most browsers: https://ian.sh/etugra
Security concerns with the e-Tugra certificate authority

Certificate authorities (CAs) are a critical backbone of internet security; when they are compromised, users lose the ability to securely connect to websites without fear of interception. Websites cannot insulate themselves against a fully-compromised CA, even if they normally use other CAs.

Security concerns with the e-Tugra certificate authority